Global Incident Management Lead

Carrier

Carrier is the leading global provider of healthy, safe and sustainable building and cold chain solutions with a world-class, diverse workforce with business segments covering HVAC, refrigeration, and fire and security. We make modern life possible by delivering safer, smarter and more sustainable services that make a difference to people and our planet while revolutionizing industry trends. This is why we come to work every day. Join us and we can make a difference together.

About this role

The Global Incident Management (GIM) Lead is responsible for the detection, validation, containment, remediation, and communication of computer-based security events and incidents such as malware infections, potential compromise, Distributed Denial of Service (DDoS), and other cyber-based security threats. The ideal candidate will be able to leverage their extensive experience to convey company risk and response actions to a wide-ranging audience of executive and highly technical groups and lead a large team in spearheading incident response and remediation practices.

Key Responsibilities

  • Oversee information security operations for Incident Response / Security Operations Center.
  • Serve as the first line of defense against on-network cyber threats.
  • Create security plans and training that prepare organizations to respond efficiently and effectively to cyberthreats.
  • Brief executive leadership on occurring incidents and response actions.
  • Identify and lead remediation efforts of control deficiencies.
  • Convey technical concepts to a wide range of technical and executive members.
  • Baseline attacker methodologies and compare against existing countermeasures to assess residual risk.
  • Lead efforts to mitigate risk within the organization through cross collaboration with all teams.

Required Qualifications

  • 10+ years relevant work experience
  • 5+ years of experience with the Cyber Kill-Chain
  • 5+ years of experience leading and training analysts on cradle-to-grave incident response and remediation
  • 5+ years of experience leading incident response teams
  • 3+ years of experience leading development of Incident Response findings reports and mitigating control failures
  • 3+ years of experience defining incident response playbook requirements
  • 3+ years of experience with attacker methodology and response strategies
  • Due to contractual agreements, must be a US citizen or permanent resident

Preferred Qualifications

  • Bachelor’s Degree
  • Ability to proofread detection logic for flaws within alerting strategy.
  • Understanding of the MITRE ATT&CK Framework.
  • Exposure to either participating in or leading alternate cyber teams (Threat Intelligence, IDS, Hunt, Pentest, Policy, etc.).
  • Forensics & IR background
  • Background in one or more programming languages (C#, Python, Java, etc.).
  • Public speaking
  • 2 or more of the following certifications: GCIH, GCIA, GREM, CISSP, Security+, CEH, OSCP
  • Familiar with standard detection methodologies and collaboration with Intrusion Detection teams for tuning
  • Ability to convey technical concepts to a diverse audience of varying skillsets.
  • Excellent oral and written communication skills.
  • Ability to drive results across multiple teams.
  • Extensive understanding of network security concepts and best practices.
  • Manage day-to-day tasks and have in-depth involvement to allow for early identification of potential challenges

#LI-Hybrid
